Active Directory Security
Categories
- Active Directory Backup & Recovery (60)
- Active Directory Security (201)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (62)
- Identity Attack Catalog (17)
- Identity Threat Detection & Response (133)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (16)
- Threat Research (60)
- Uncategorized (1)
Why Upgrade to Lighting Intelligence from Purple Knight
- Huy Kha | Senior Identity & Security Architect
- Dec 19, 2024
For organizations of any size, managing hybrid identity security across on-premises and cloud environments can be challenging, and Purple Knight has long been trusted to expose risky misconfigurations. Lightning Intelligence, a SaaS security posture assessment, automates scanning to provide continuous monitoring without the need for periodic manual assessments. Small and…
What You Need to Know about SEC Regulation S-P Requirements and Active Directory
- James Doggett | Semperis CISO
- Dec 18, 2024
CISOs in the financial sector have another new regulatory challenge to contend with. Earlier this year, the U.S. Securities and Exchange Commission (SEC) adopted new cybersecurity incident response and disclosure rules, demanding new approaches to disaster recovery planning. For affected organizations, the new SEC Regulation S-P requirements demand a new…
Zerologon Exploit Explained
- Huy Kha | Senior Identity & Security Architect
- Nov 15, 2024
In a Zerologon exploit, an attacker with access to a network takes advantage of a critical flaw in the Netlogon Remote Protocol (MS-NRPC) to impersonate any computer, including a domain controller (DC). This flaw is known as Zerologon—a vulnerability that can give attackers full control over a domain. What is…
Active Directory Security Measures for U.S. State and Local Government and Education
- Edward Amoroso
- Oct 24, 2024
[Editor’s note: This article is a guest post by TAG CEO and founder Ed Amoroso.] Broad cybersecurity support encompasses a wide variety of obligations, ranging from compliance documentation to user training. But the most challenging—and essential—aspect of Microsoft Active Directory (AD) security involves the detection of attacks, before, during, and…
The Role of Active Directory in U.S. Public Sector Cybersecurity
- Edward Amoroso
- Oct 18, 2024
[Editor's note: This article is a guest post by TAG CEO and founder Ed Amoroso.] Any observer of public sector cybersecurity will recognize the serious challenges in information technology (IT) protections for U.S. public sector agencies over the past few decades. Major incidents, such as the 2015 data breach at…
Password Spraying Detection in Active Directory
- Huy Kha | Senior Identity & Security Architect
- Sep 18, 2024
Password spraying detection is a vital ability for all organizations. In a password spraying attack, the attacker attempts to gain unauthorized access by trying a few common or weak passwords across many accounts rather than targeting a single account with many passwords. The idea is to test several passwords, hoping…
The 5 Pillars for DORA Compliance in Active Directory
- Daniel Lattimer | Area Vice President - EMEA West
- Aug 30, 2024
The Digital Operational Resilience Act (DORA) is an incoming European Union (EU) legislative framework aimed at fortifying the operational resilience of digital systems within the financial sector. All finance entities that operate in or with the EU need to achieve DORA compliance by early 2025, as do information and communication…
Cohesity and Semperis Provide Unmatched Cyber Resilience for Business-Critical Data
- Nico Devoti | Senior Director, Technology Alliances
- Aug 09, 2024
An organization’s data is one of its most valuable assets—and a prime target for cyberattackers, who prove time and again that their victims will pay large ransom sums to get exfiltrated data back. According to Semperis’ 2024 Ransomware Risk Report, 78% of organizations that were hit by a ransomware attack…
